← Back

I2 Analyze

i2_analyze

Vendor: Ibm • 5 CVEs

CVEs (5)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2021-29784
1Ibm
1I2 Analyze
Nov 21, 2024
Jul 26, 2021
N/A· v4
4.3 MEDIUM· v3
4.0 MEDIUM· v2
IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks a...Show more
IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 203168.Show less
CVE-2021-29770
1Ibm
1I2 Analyze
Nov 21, 2024
Jul 26, 2021
N/A· v4
6.5 MEDIUM· v3
4.0 MEDIUM· v2
IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2) could allow an authenticated user to perform unauthorized actions due to hazardous input validation. IBM X-Force ID: 202771.
CVE-2021-29769
1Ibm
1I2 Analyze
Nov 21, 2024
Jul 26, 2021
N/A· v4
4.3 MEDIUM· v3
4.3 MEDIUM· v2
IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2) does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http://...Show more
IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2) does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 202769.Show less
CVE-2021-29766
1Ibm
1I2 Analyze
Nov 21, 2024
Jul 26, 2021
N/A· v4
5.3 MEDIUM· v3
5.0 MEDIUM· v2
IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2) could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This informatio...Show more
IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2) could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 202680.Show less
CVE-2021-20430
1Ibm
1I2 Analyze
Nov 21, 2024
Jul 26, 2021
N/A· v4
5.3 MEDIUM· v3
5.0 MEDIUM· v2
IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2) could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This informatio...Show more
IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2) could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 196341.Show less